关键词: 贝叶斯攻击图, 攻击压力, 攻击意愿, 潜在威胁, 风险评估

Abstract: This article proposes a new dynamic network risk analysis model based on attackers’ inclination in order to solve some problems of the traditional risk analysis method based on attack graph. Traditional attack graph based on risk assessment method relies highly on the known vulnerability database and only analyzes the atomic attacks’ attribute regardless of the relationship between attack strategies and attackers’ inclination. In our model we take both the existing vulnerabilities and unknown threatens into consideration, then evaluate the attackers pressures during different attack periods so that we quantize the attackers’ inclination dynamically under the network environment. Then, we add the attackers’ inclination factors and atomic attack attributes into graph based risk assessment model, and we create a new type of attack graph using attackers’ inclination factors. Finally we set up a dynamic risk assessment method by using Bayesian reasoning engine. We convert our static attack to the dynamic Bayesian attack graph, and use the posterior probability computed by Bayesian reasoning engine to realize the dynamic risk assessment. We establish a real-world experiment environment to simulate our dynamic risk assessment model based on attackers’ inclination and validate its function. Experimental results demonstrate the rationality of this model, and prove that this system is more suitable for real-time risk assignment under the actual network environment.

Key words: Bayesian attack graph, attack pressure, attacker’s inclination, potential threats, risk assessment